
Re: sketchy laugh test: device discovery BOF



> It seems to me that whether or not the
> host is required to perform some kind of authentication to enter the network
> is independent of the discovery protocol. Or am I missing something?

In IEEE 802.11 discovery is used to advertise not only the capabilities (rates, SSID, etc.) but also the security properties -- ciphersuites, pre-authentication support, etc. So without discovery, you might not know what networks are available, and whether they support security at all, let alone what kind of security.

In Link Layers over which multiple networks can be available (e.g. PPPOE, IEEE 802.11, etc.) discovery functionality typically is used to allow those networks (and potentially their security properties) to be discovered.

> Of course, there is also the issue of authentication for the discovery
> protocol itself, but that seems, to me, to be more easily handled at layer
> 3.

Where Discovery is required to even know what networks are available, discovery needs to occur prior to authentication. In that case, the link isn't available to pass traffic, other than authentication traffic. That makes it hard to run an L3 service discovery protocol -- L2 devices can't be assumed to do the L3 filtering required to let such a protocol pass. That's why protocols such as PPPOE or IEEE 802.11 do discovery at L2.

Note that IEEE 802.1ab isn't used to advertise networks and their security properties, and apparently won't be. It's strictly used for physical topology discovery. That's the reason why it doesn't have to run *before* authentication. However only allowing it to run after authentication makes it very hard to diagnose problems with an unauthenticated link.

> Right, it would be helpful if we could get this straight.

Well, it would be most helpful if we had a process by which IEEE/IETF could work these things out.
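
Added example, not part of the original message: the point above that IEEE 802.11 discovery advertises ciphersuites and pre-authentication support can be seen by decoding the RSN element (ID 48) from a beacon's tagged parameters before any authentication takes place. The function names are hypothetical, the field layout is assumed to follow the IEEE 802.11 RSN element, and both byte strings are constructed samples.

```python
import struct

RSN_OUI = bytes.fromhex("000fac")            # OUI used by IEEE 802.11 suite selectors
CIPHERS = {1: "WEP-40", 2: "TKIP", 4: "CCMP-128", 5: "WEP-104"}
AKMS = {1: "802.1X", 2: "PSK"}

def elements(buf):  # yield (element_id, body); stop at a truncated element
    off = 0
    while off + 2 <= len(buf):
        eid, length = buf[off], buf[off + 1]
        if off + 2 + length > len(buf):
            return
        yield eid, buf[off + 2: off + 2 + length]
        off += 2 + length

def name(sel, table):  # map a 4-byte suite selector to a readable name
    if sel[:3] != RSN_OUI:
        return "vendor:" + sel.hex()
    return table.get(sel[3], "unknown:%d" % sel[3])

def suite_list(body, off, table):  # 2-byte LE count, then 4-byte selectors
    if off + 2 > len(body):
        return [], len(body)                 # optional field absent
    (count,) = struct.unpack_from("<H", body, off)
    end = off + 2 + 4 * count
    if end > len(body):
        raise ValueError("suite list overruns RSN element")
    return [name(body[i:i + 4], table) for i in range(off + 2, end, 4)], end

def parse_rsn(body):
    if len(body) < 2 or struct.unpack_from("<H", body)[0] != 1:
        raise ValueError("unsupported RSN version")
    group = name(body[2:6], CIPHERS) if len(body) >= 6 else None
    pairwise, off = suite_list(body, 6, CIPHERS)
    akm, off = suite_list(body, off, AKMS)
    caps = struct.unpack_from("<H", body, off)[0] if off + 2 <= len(body) else 0
    # Capabilities bit 0 is the pre-authentication flag
    return {"group": group, "pairwise": pairwise, "akm": akm, "preauth": bool(caps & 1)}

def advertised_security(tagged):  # what the beacon says before authentication
    out = {"ssid": None, "rsn": None}
    for eid, body in elements(tagged):
        if eid == 0:
            out["ssid"] = body.decode("utf-8", "replace")
        elif eid == 48:
            out["rsn"] = parse_rsn(body)
    return out

# Constructed: SSID "corp"; RSN v1, CCMP group and pairwise, 802.1X, preauth set
SAMPLE = bytes.fromhex("0004636f7270" "3014" "0100000fac04" "0100000fac04" "0100000fac01" "0100")
OPEN = bytes.fromhex("00056775657374")       # constructed: SSID "guest", no RSN element
```

A result with `rsn` set to `None` means the network advertised no RSN security properties in this element set, which is the case a client can only learn about through discovery.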
